Posted
by
timothyon Saturday November 02, 2013 @03:27PM
from the albert-jay-nock-was-an-optimist dept.

jones_supa writes "Edward Snowden papers unmask that the German, French, Spanish and Swedish intelligence services have all developed methods of mass surveillance of internet and phone traffic over the past five years in close partnership with Britain's GCHQ eavesdropping agency. The bulk monitoring is carried out through direct taps into fibre optic cables and the development of covert relationships with telecommunications companies. A loose but growing eavesdropping alliance has allowed intelligence agencies from one country to cultivate ties with corporations from another to facilitate the trawling of the web. The files also make clear that GCHQ played a leading role in advising its European counterparts how to work around national laws intended to restrict the surveillance power of intelligence agencies."

The statement is that the others are also spying on their population and that they are cooperation on that. However, this is different to spying on state personal, presidents or chancellors. That's why the German Chancellor had no problem when Snowden revealed that the world population is spied on by the US. We all assumed that she as any other government was in on it. Spying on herself and here government is a total different story for her. It is save to assume that Germany is not spying on the US government, as they do not have the capabilities.

Sage advice! One wouldn't want to leave their ass just sticking up all unprotected...OK, Most of us wouldn't want to leave their ass just sticking up all unprotected...OK, Many of us wouldn't want to leave their ass just sticking up all unprotected...OK, At least SOME of us wouldn't want to leave their ass just sticking up all unprotected...OK, So is it dry or wet sand?

Are you serious? The Germans are hardly short on technology. Any nation that has long winters with brutal, cold weather, tends to have a surplus of uber-geeks. After all they can hardly be outdoors playing volleyball when it is minus 30 degrees F. over there. We found out in WWII that a tiny nation like Germany is capable of all kinds of bleeding edge tech.
And it is naive to think that economic advantage as well as economic harm are not part of the spy game. How many ideas and trade secrets are stolen by such spy work by governments? And if you start to develop a product that the government feels endangers the big boys wallets you just might suddenly pass away. Evil seems to distribute itself rather easily in all governments.

You seem to be confusing Germany with, I don't know, Iceland or something. The winters are not "brutal" and the country is definitely not "tiny".

Other than that, I agree that industrial espionage and the regular kind probably go hand in hand. Remember how Echelon intel somehow wound up at Boeing and allowed them to screw over the French Airbus? I'm sure it works both ways.

There used to be a program where different countries volunteered to spy on each others country in order to skirt domestic laws. I think this was part of Echelon or maybe Magic Lantern. It could have been a precursor to those programs. The inclusions of dignitaries from citing the old conspiracies were a must as the cold war was a primary purpose of this type of spying. Of course these programs were started long before the internet was a passing fancy of the universities working with various military around

I saw something like that on Craigslist, in the casual encounters section.This guy actually wanted "you" to come over and play seduce his wife as a "plumber" or something, then he wants to watch through a window while you pump a baby into his "slut".Funny how this is similar in circumstance as well as flavour. Well, vive le cooperation! I guess.

The whole "anti-terrorism" excuse is a sham. The NSA has already been providing the DEA with information about drug deals they've intercepted. We know that for a fact.

But when pressured, they can't itemize a list of the terrorist operations they've intercepted and stopped. They toss out vague numbers in the 40s after over a decade of surveillance. So even if they're exagerrating, that's only 4 per year!

From a cruelly financial perspective, it would have been far cheaper to just pay the death benefits to the families of the few people who might have died than to pay the untold billions the NSA, GCHQ, CSEC, et. al. have cost to operate.

Bull. National security be damned - have you ever known a politician not to take credit? That's why I don't believe these operations are even effective. The biggest fish they've bragged about is some cabbie in LA and his friends who sent a whopping $8500 to some terrorist group in Africa. Are we willing to sell the Bill of Rights for that?

The biggest fish they've bragged about is some cabbie in LA and his friends who sent a whopping $8500 to some terrorist group in Africa

Not to mention that the reason he sent the money seems to have been a tribal issue, as in a bribe/tribute so his family back home would get better treatment from the guys running the town who also happened to be members of the terrorist group.

Meanwhile, under oath Alexander was forced to walk back their big claim of foiling 54 plots.

Bull. National security be damned - have you ever known a politician not to take credit? That's why I don't believe these operations are even effective. The biggest fish they've bragged about is some cabbie in LA and his friends who sent a whopping $8500 to some terrorist group in Africa. Are we willing to sell the Bill of Rights for that?

Maybe you haven't paid any attention to the criticism leveled at the Obama administration from current or former members of the intelligence and special operations community for some of the details they have released over the last couple of years. When it comes to intelligence operations, the public tends to hear about the failures, but the successes are generally kept secret for a very long time, if they are ever acknowledged. Publicizing intelligence operations can destroy their value, and not just for

Sounds legit. Must be the same "two US intelligence officials" that told The New Yorker and The New York Times that, somehow, they "knew" Snowden released information (like his passport?) to Chinese and Russian officials.

This is just another PR smear-piece sponsored by the IC. Besides, we already know that blowback from genuinely dangerous boogeymen in planned using couriers.

Intelligence operations aren't like building a new bridge in a congressional district. Chances are that most people want the bridge, welcome the jobs and spending in the district, will think highly of the congressman for getting it (if needed), many people will use the bridge when it's completed, and people might even vote for the congressman in the future. By definition the target of an intelligence operation isn't going to want it, will avoid its consequences if possible, might try to capture or kill the people involved with the operation, and might even completely avoid things associated with it in the future.

That's what Snowden is not understanding - his actions are having unintended consequences. He's taking the idea of "National security be damned" to new levels with his PR campaign. That is the precise attitude that will not only endanger US citizens, but will eventually endanger his own life - whether he runs out of information (and the NSA survives) or some private citizen gets to be the most lucky person in the world for taking him out.

It can't have been a coincidence that Snowden and partners in the press are releasing this in such a specific order. Only after the US populace at large proved (predictably, in my opinion) completely apathetic to the news of their governments unconstitutional spying on US citizens did they proceed to release data about the NSA snooping on international level.

Meanwhile there's no evidence that these leaks actually endangered any operatives, or concrete indications that terrorist cells have already adapted (h

The biggest fish they've bragged about is some cabbie in LA and his friends who sent a whopping $8500 to some terrorist group in Africa. Are we willing to sell the Bill of Rights for that?

Yes, I would have thought that serious terrorists and crooks would be using long-key one-time-pad encryption with random transmission and reception locations and devices so that no amount of surveillance can tell who's talking to who about what.

The real issue is that terrorist networks tend not to use any sort of mobile or internet communication today. Some idiots do, but as the horrible Boston bombing did prove this surveillance did not change anything (dragnets never do). It is also fact that warnings that were issued got ignored by the FBI and NSA. I am not sure if any explanation for why that has has been given today.

This surveillance is excused by the "global war on terror(ism)". While the reality is that it is being used by governments aroun

Same thing happened in the US to a large extent, but there's a big difference between "everybody knows" and serious evidence. The former can be shrugged off a lot more easily.

P.S. Looks like us Yanks aren't the only ones who should be grateful to Snowden.

P.P.S. I do get some satisfaction from being able to shut up overly smug Europeans (I don't mean you). I can be very critical of my country, and except for stupid anti-American rants, I don't mind others doing so. What I hate is smug superiority - and this shows that their shit stinks too.

Ha! We all knew our shit stank long before this - here in Sweden the spying was mostly in the open - our govt enacted the "FRA-law" openly to allow the military signal intelligence agency FRA to tap all cables crossing our borders, and the EU enacted the Data retention Directive forcing ISPs to log all call meta data for an extended period of time.

This is a global problem. But, the US is also taking the lead. Most of this stuff originates from the US, but it infects everyone.

Good job missing the essential point. The problem is that spies agency of our countries don't consider other spy agency as their enemies but as their allies. We citizens are considered the enemy by our own spy agencies and spy agencies around the world collaborate with each other to spy on normal citizens. I's not USA vs Europe. It's spy agencies vs citizens.

We citizens are considered the enemy by our own spy agencies and spy agencies around the world collaborate with each other to spy on normal citizens.

Ordinary citizens aren't the enemy, but the enemy typically hides among them. Terrorists don't tend to live in their own private "terrorist army" barracks, they hide among ordinary citizens until they strike, which may not be in the same country in which they live. That is a crucial distinction that for some reason a lot of people seem to have a hard time understanding.

The Hamburg cell [bbc.co.uk] is a perfect example. They lived in Hamburg, Germany, plotting and preparing for their attack. The actual attacks they participated in were in New York, Washington DC, and Pennsylvania, in the US on 9/11/2001.

If you think the struggle in the West is between spy agencies and citizens, you fail to understand this basic and easy to understand fact. I'm curious as to why?

'I' is for "Industrial. The eves dropping by the MI complex is not primarily about terrorists, or Joe Random's hydroponic shed, it's economic/diplomatic espionage. The "five eyes" (Google it) have been cooperating on economic espionage since ww2, that's not to say they don't look for terrorist, just that they can do more than one thing at once.

That communications are monitored on a large scale for this sort of information has been common knowledge since the 70's. Doesn't anyone watch Robert Redford movie

Cold during EU history the "spy agencies"/police have often willingly worked for Germany (WW2) the US/UK or Soviet Union (post WW2) against their own citizens and gov over generations.http://en.wikipedia.org/wiki/Strategy_of_tension [wikipedia.org]
So ordinary citizens most in the EU have a very good understanding of where their mil, gov, telco, contractors and academics loyalties can historically take them.
Junk encryption sets in, if your helping the US or UK or Russians - who else would your nations top cleared staff

The European government are outraged on being spied on. The same government, however, cooperated with the US in spying on the whole world population. The outrage in Europe, for example in Germany, only appeared after it was found out that Merkel was spied on, the same person who decided that spying on the population is no big deal.

So there are two things:a) Spying on population: good -> done by every state, and they cooperated on thatb) Spying on governments: bad -> done by the US (the other direction

Germany has a population of 82 million. It's about 1/4 of the population in the US, and about 3/4 of Russias. Only US, India, China and Russia have larger economies. It is also one of the worlds most technically advanced countries. They certainly could have technical and economical capability to monitor american politicians.

It is only for political reasons they probably not are doing that, but you can be certain that they monitor the political situation and the military capabilities of all rel

There's a WW2 era agreement between the "five eyes" (US/UK/AU/Canada/France) to share intelligence and not to spy on each other. A post war "spy block" if you like. They are mainly concerned with economic/diplomatic espionage, the same thing made world headlines in the 60's and 70's when governments used it to infiltrate and disrupt anti-war groups, before that it was McCarthy vs the civil rights movement in the 50's and 60's. Have you seen the size of the FBI dossier on John Lennon or MLK, who both spent a

Well, good until the population catches its own government with pants on the knees. There are laws preventing government to spy to much on its own citizen, and breaking them may have consequences (except in the US, apparently)

One of the things we're learning from Snowden's releases is that, apparently, many/most European spy agencies are behaving much like the US and British agencies. So will people get as outraged about the behavior of their own country's government? Will they speak as disparagingly about their own fellow "sheeple" as they like to do about Americans? Or will they maybe pay a little lip service, then get back to droning on about the NSA and idiot Americans?

It seems to me we ALL need to let our own governments know this is intolerable. And the statement that "everyone else is doing it" is no more of an excuse for a country than it is for an 11 year old.

They will be outraged. The problem is that the governments in Europe knew all this for a long time already and by now have had plenty of time to prepare their PR machinery for it to dowplay the problem like the US government. Merkel is the best example, she ignored possible mass surveillance of Germans right from the start and probably the only reason she is publicly outraged about the eavesdropping of US into her phone conversations is that it would appear strange to her voters not to be.

The big problem for the European spy agencies is who is working for the US/UK on projects, who is working for the US/UK and who is beholden to the US/UK or Russia, China... or just likes cash.
What can the limited national counter surveillance teams do?
Thats Ok, they are working with the US - who in the US?
Thats Ok, they are working with the UK - - who in the UK?
Thats Ok, they are working with the UK/US and like taking work home...
Thats Ok, they are working with the UK and US and like taking work home a

I'm also curious about the reverse. There has been a trend of Americans basically claiming that Snowden is some kind of anti-American sleeper agent whose sole purpose is to embarrass and discredit US. Now that the docs are out on other countries, including ones like France which aren't really close allies, what's the pitch?

The Ghost of John Lennon is going to sue you for copyright infringement, and you'll need a lot more than love to keep you from being financially fucked eight days a week. So let me whisper some words wisdom to you and get back, get back to the USSR! Now good day sunshine.

I've been assuming GCHQ has had their hands as dirty as they get in this ever since they detained Greenwald's partner a few months back. They were terribly concerned with seeing what exactly the Journalists had on them, so it's been reasonable to assume they've been figuring out whether they can cover this up or not. They've had months to prepare themselves for this revelation, I just hope they come up with a better plan then directing the attention to Snowden himself instead of what he's saying- that plan's getting old.

OK, we all now know that what ever we do is being watched, but what are the computers that are watching us? Could we take their abilities and address the problems in our community? Like Spell Checking. And where did I put my xBox remote?! You know, things that of a Vital Interest to me.

Americans think themselves a bit safer because the NSA is not supposed to spy on them. But what tells me that the NSA is not letting a foreign partner agency collect and evaluate the data of the Americans for them and just gets back the hits? For these hits they would have no problems getting a warrant, even from a non-secret court.

And the release order is also well thought out, expose the US's complete global surveillance operation, wait for EU leaders to react, and then release that those EU leaders are effectively doing the same thing.

Given the level of surveillance, which at this point makes conspiracy theorist's claims seem conservative, this seems to be THE chance for actual change.

I doubt it though, Newspeak will be provided - "We are no longer monitoring you", while the truth will be that they are. Everyone will still be.

The real question will be whether people buy into the "open" future, seek to protect their privacy, or just don't give a shit.

The real problem is that most people just won't give a shit. This is the result of an educational system that doesn't promote thinking. The masters have won the game.

A good thing to start doing right now would be to educate people to use end-to-end encryption for all their communications (or as much as they can). HTTPS, IMAPS, etc. It's not the ultimate solution but will make a good portion of MiTM attacks conducted by spying agencies useless.

that is not a solution, it's a stopgap. a solution requires a global overhaul in our war driven societies. unfortunately, these changes challenge the existing dogma that is being drilled into everyone on the planet. in the evolutionary sense, the human race is still a race of children. it might be thousands of years before people stop trying to harm each other... assuming we survive that long.

A good thing to start doing right now would be to educate people to use end-to-end encryption for all their communications (or as much as they can).

End-to-end encryption is a great idea, but technical people need to make this as simple and idiot proof as possible to maximize adoption. Let me repeat that: it needs to be simple and idiot proof. I know it's popular around here to accuse everyone in the world of being a drooling dolt, especially where technical matters are concerned, but the fact is, people are busy living their lives, working hard, spending time with their family, etc., and have little time left over for technical geekery. A ten page guide that walks you through all kinds of technical jargon and details is not going to cut the mustard. It must be nearly "click, click, click, done" simple.

HTTPS, IMAPS, etc. It's not the ultimate solution but will make a good portion of MiTM attacks conducted by spying agencies useless.

https is broken by design: it trusts anything the root CAs trust, and you can be sure most or all the CAs around the world are in bed with all the big intelligence agencies.

A good interview to ~spy "masters have won the game" http://cryptome.org/2013/11/cryptome-la-repubblica.htm [cryptome.org]
People are now aware of junk encryption, the gov standards groups that set it, the academics that taught it, the developers that promoted it, the brands that sold/rented it.
The trust in the US/UK is gone. Enjoy the products for fun. Staff will be looking to new domestic solutions where real quality is needed.
The sock puppets can no longer have equal standing with 'no surveillance", surveillance i

The US system, it's the only one I am familiar with. Although the other Slashdot post about the 1st grade math test will lead me to read about Singapore's approach to education. I'd love to home school but do not have the opportunity. Instead I spent 19 nights camping in 2013 with my kids, teaching them about nature and clouds.

The current US education system seems to be focused on "put the X in the correct spot".

Not very surprisingly, the news about European countries' secret agencies cooperating with GCHQ and NSA easily explain the reluctance of said countries' politicians to really go after the US and UK for spying on them and their citizens... after all, it's the local agencies that do the work... too bad that too few of the citizens care... ("I have nothing to hide")

Guess what they say is true: Just because you're paranoid doesn't mean you're not being watched...

If the threat was as real as they say it is, the CIA's clandestine service would be the largest it's ever been since the agency was founded and Bush/Obama would have told them to take the kid gloves off in dealing with Al Qaeda. By that I mean the CIA (or MI6 here) would have been given carte blanche to go abroad and use the full playbook of nasty espionage tactics. You'd think a "Mossad times ten" had suddenly hit the major terrorist networks.

End to end encryption is the only answer here. Maybe instead of relying on server certificates, which could be compromised, do the reverse -- the client certificate is used to secure the connection. That way everyone can use a CA (or even issue their own) that they trust. It puts the client in the driver seat, so instead of just stealing Google's key (or tapping Google's fiber), they have to get yours... One might argue that they could target you with advanced malware and steal your private key, but that is no different than what could happen today if they REALLY target you.

Makes sense that if you trust no one, why do you trust their SSL certificate? Why not make them use yours. In the case of on-line purchases, you trust the server based on their certificate but the client still controls the session key. And they trust you based on your login rather than the certificate.

Shrug... Something has to be done by the users. These governments are never, ever going to stop spying.

End to end encryption is the only answer here. Maybe instead of relying on server certificates, which could be compromised, do the reverse -- the client certificate is used to secure the connection. That way everyone can use a CA (or even issue their own) that they trust....

Have you looked at the work going on in the IETF and other places to deploy "perfect forward secrecy?" The idea is to use a Diffie-Hellman exchange to negotiate a random key, and then only use the server certificate to prove the server's identity and knowledge of the key. Pretty much the same result as client certificates, easier to deploy, and with the added advantage that even if the server's key is compromised, the sessions' keys remain secret.

Most of us [geeks] think the blanket surveillance is not just evil, but is also a danger to democratic governance. Yet, we are the only ones who can implement it. Certainly, politicians and attorneys wouldn't have a clue about how to do it. So why do only a a few like Snowden take a stand?

When will we hear about what China and Russia are doing from Snowden? That would be some very nasty information, but it would redeem his character. It might also make it a bit easier to be lenient at his eventual conviction.

(oh, and by the way, modbombing the unpleasant truth about Snowden doesn't make your case better.)

Where exactly would he get such information? The source of all Snowden's leaks so far is internal NSA documents, and I very much doubt that China and Russia had surveillance programs that were data sharing or otherwise cooperating with the NSA, unlike GCHQ.

Mercenaries, contractors, banks, arms sales, drug dealers, support companies, regional areas with contracts/zero bid weapons manufacturing, political types showing their leadership skills.
Then you have all the new cleared gov staff, their pay, rank and social status. The understanding of putting gov years in and getting a that mercenaries, contractors "taxpayer" wage soon.
This ongoing war on a tactic is a big win for many. The other question is the cost of the junk encryption and reality of rushed bulk